Using GeoIP to query IP location database

First, download IP database:
http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
Install Python pupi libs: http://pypi.python.org/pypi/pygeoip/
Extract, go to extracted folder and type: #python setup.py install

File geo.py:

import pygeoip
import dns.resolver
import sys
import re

gi =pygeoip.GeoIP('GeoLiteCity.dat')

def name2ip(dnsname):
answers = dns.resolver.query(dnsname, 'A')
for rdata in answers:
return rdata
def printRecord(tgt):
rec =gi.record_by_name(tgt)
city =rec['city']
region =rec['region_name']
country =rec['country_name']
long =rec['longitude']
lat =rec['latitude']
print '[*] Target: ' +tgt
print '[+] '+str(city)+', '+str(region)+', '+str(country)
print '[+] Latitude: '+str(lat)+', Longitude: '+str(long)

str1 = sys.argv[1]
is_ip = re.match("^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$", str1)
is_domain = re.match("^(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z]|[A-Za-z][A-Za-z0-9\-]*[A-Za-z0-9])$", str1)

if is_ip:
printRecord(str1)

if is_domain:
ip = str(name2ip(str1))
printRecord(ip)

Run it:

#python geo.py hacking.vn
------------------------------------------------------------
Thanks for reading
--------------------------------------------------------------------------
Security Research
All my Lab:
Linux Lab -- window and Cisco Lab
to be continued - I will update more.

Nam Habach